Security News > 2022 > April > Fake Windows 10 updates infect you with Magniber ransomware
Fake Windows 10 updates are being used to distribute the Magniber ransomware in a massive campaign that started earlier this month.
While researching the campaign, we discovered a topic in our forums where readers report becoming infected by the Magniber ransomware after installing what is believed to be Windows 10 cumulative or security update.
Other downloads pretend to be Windows 10 cumulative updates, using fake knowledge base articles, as shown below.
While it's not 100% clear how the fake Windows 10 updates are being promoted, the downloads are distributed from fake warez and crack sites.
The ransomware also creates ransom notes named README.html in each folder that contains instructions on how to access the Magniber Tor payment site to pay a ransom.
The Magniber payment site is titled 'My Decryptor' and will allow a victim to decrypt one file for free, contact 'support,' or determine the ransom amount and bitcoin address victims should make a payment.
News URL
Related news
- Windows 10 KB5048652 update fixes new motherboard activation bug (source)
- Windows 10 users urged to upgrade to avoid "security fiasco" (source)
- Microsoft to force install new Outlook on Windows 10 PCs in February (source)
- Windows 10 KB5049981 update released with new BYOVD blocklist (source)
- Microsoft ends support for Office apps on Windows 10 in October (source)
- Windows 11 24H2 now also offered to all eligible Windows 10 PCs (source)
- January Windows 10 preview update force installs new Outlook (source)